GDPR Compliance

Last Updated: June 4, 2026

Introduction

This page provides information about how moor-gate complies with the General Data Protection Regulation for users located in the European Economic Area. While we primarily operate in Australia, we recognize the importance of protecting the data rights of all website visitors.

Legal Basis for Processing

We process personal data under the following legal bases:

• Consent: When you provide explicit consent for specific processing activities
• Contractual Necessity: When processing is necessary to fulfill service agreements
• Legitimate Interests: When we have a legitimate business interest that does not override your rights
• Legal Obligation: When required to comply with applicable laws

Your Rights Under GDPR

If you are located in the EEA, you have the following rights regarding your personal data:

• Right to Access: You can request a copy of the personal data we hold about you
• Right to Rectification: You can request correction of inaccurate or incomplete data
• Right to Erasure: You can request deletion of your personal data in certain circumstances
• Right to Restrict Processing: You can request that we limit how we use your data
• Right to Data Portability: You can request your data in a structured, machine-readable format
• Right to Object: You can object to processing based on legitimate interests or direct marketing
• Right to Withdraw Consent: You can withdraw previously given consent at any time

Data Protection Officer

For questions about data protection or to exercise your rights, please contact us at:

Email: [email protected]
Address: Level 3, 142 Clarence Street, Sydney NSW 2000, Australia

International Data Transfers

Your personal data may be transferred to and processed in Australia. We ensure appropriate safeguards are in place to protect your data in accordance with GDPR requirements when transferring data outside the EEA.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected or as required by law. When data is no longer needed, we securely delete or anonymize it.

Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significant effects on individuals.

Security Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication measures
• Employee training on data protection

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR.

Supervisory Authority

You have the right to lodge a complaint with your local data protection supervisory authority if you believe we have not complied with GDPR requirements.

Third-Party Services

We only work with third-party service providers who provide sufficient guarantees to implement appropriate technical and organizational measures to ensure GDPR compliance.

Updates to This Information

We may update this GDPR compliance information periodically. Significant changes will be communicated through our website with an updated effective date.